[ADD] base_suspend_security

2025-02-18 09:52:42 +02:00 · 2015-07-15 14:14:16 +02:00
parent b7e82f7ec4
commit 9c2f68e028
11 changed files with 350 additions and 0 deletions
--- a/base_suspend_security/tests/test_base_suspend_security.py
+++ b/base_suspend_security/tests/test_base_suspend_security.py
@@ -0,0 +1,51 @@
+# -*- coding: utf-8 -*-
+##############################################################################
+#
+#    This module copyright (C) 2015 Therp BV (<http://therp.nl>).
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU Affero General Public License as
+#    published by the Free Software Foundation, either version 3 of the
+#    License, or (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU Affero General Public License for more details.
+#
+#    You should have received a copy of the GNU Affero General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+##############################################################################
+from openerp import exceptions
+from openerp.tests.common import TransactionCase
+
+
+class TestBaseSuspendSecurity(TransactionCase):
+    def test_base_suspend_security(self):
+        # tests are called before register_hook
+        self.env['ir.rule']._register_hook()
+        user_id = self.env.ref('base.user_demo').id
+        other_company = self.env['res.company'].create({
+            'name': 'other company',
+            # without this, a partner is created and mail's constraint on
+            # notify_email kicks in
+            'partner_id': self.env.ref('base.partner_demo').id,
+        })
+        # be sure what we try is forbidden
+        with self.assertRaises(exceptions.AccessError):
+            self.env.ref('base.user_root').sudo(user_id).name = 'test'
+        with self.assertRaises(exceptions.AccessError):
+            other_company.sudo(user_id).name = 'test'
+        # this tests ir.model.access
+        self.env.ref('base.user_root').sudo(user_id).suspend_security().write({
+            'name': 'test'})
+        self.assertEqual(self.env.ref('base.user_root').name, 'test')
+        self.assertEqual(self.env.ref('base.user_root').write_uid.id, user_id)
+        # this tests ir.rule
+        other_company.sudo(user_id).suspend_security().write({'name': 'test'})
+        self.assertEqual(other_company.name, 'test')
+        self.assertEqual(other_company.write_uid.id, user_id)
+        # this tests if _normalize_args conversion works
+        self.env['res.users'].browse(
+            self.env['res.users'].suspend_security().env.uid)